Storia in 3 fonti

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ.

Raccontata da

securityweek.com

thehackernews.com

bleepingcomputer.com

Confronto fonti

3 prospettive sulla stessa storia

AI · summaries

bleepingcomputer.comStai leggendo2 g fa

Hackers exploit FortiClient EMS flaw to push infostealer malware

Attackers exploit CVE-2026-35616 in FortiClient EMS to deploy the EKZ infostealer via VPN scripting, targeting 2,000 exposed instances. The flaw allows unauthenticated RCE and MFA bypass via cookie theft; Fortinet patched 7.4.5/7.4.6—apply immediately.

originale

thehackernews.com2 g fa

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

FortiClient EMS flaw CVE-2026-35616 enabled malware delivery via fake updates, risking credential theft across endpoints.

Leggi questa versione →

Timeline cronologica

giovedì 28 maggio 2026·securityweek.com
Critical FortiClient EMS Vulnerability Exploited in Fresh Attacks
CVE-2026-35616, a FortiClient EMS zero-day vulnerability patched in April, has been exploited in fresh infostealer attacks.
giovedì 28 maggio 2026·thehackernews.com
Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer
FortiClient EMS flaw CVE-2026-35616 enabled malware delivery via fake updates, risking credential theft across endpoints.

Hackers exploit FortiClient EMS flaw to push infostealer malware

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

Timeline cronologica

Critical FortiClient EMS Vulnerability Exploited in Fresh Attacks

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

Critical FortiClient EMS Vulnerability Exploited in Fresh Attacks

Hackers exploit FortiClient EMS flaw to push infostealer malware